CyberSecurityBoard
Sponsor Register Login

CVE-2023-31324

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.


Cyber News related to CVE-2023-31324

Chinese hackers behind attacks targeting SAP NetWeaver servers - SAP released an out-of-band emergency patch on April 24 to address this unauthenticated file upload security flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer, days after cybersecurity company ReliaQuest first detected the ...
9 months ago Bleepingcomputer.com CVE-2025-31324
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware - According to the latest research by Darktrace, the threat actors behind Auto-Color exploit CVE-2025-31324, a critical vulnerability in NetWeaver that allows unauthenticated attackers to upload malicious binaries to achieve remote code ...
6 months ago Bleepingcomputer.com CVE-2025-31324
Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware - In April 2025, cybersecurity firm Darktrace successfully detected and contained an attack that exploited CVE-2025-31324, a critical vulnerability in SAP NetWeaver, to deploy the stealthy Auto-Color backdoor malware over three days. A sophisticated ...
6 months ago Cybersecuritynews.com CVE-2025-31324
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
2 years ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398
Ransomware gangs join ongoing SAP NetWeaver attacks - Forescout Vedere Labs security researchers have also linked these ongoing attacks to a Chinese threat actor they track as Chaya_004, while EclecticIQ reported on Tuesday that three other Chinese APTs (i.e., UNC5221, UNC5174, and CL-STA-0048) are also ...
8 months ago Bleepingcomputer.com CVE-2025-31324 BianLian RansomEXX
SAP fixes critical Netweaver flaw exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
9 months ago Bleepingcomputer.com CVE-2025-31324
SAP fixes suspected Netweaver zero-day exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
9 months ago Bleepingcomputer.com CVE-2025-31324
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw - Researchers reported that the threat actors are utilizing webshells with names like, "cache.jsp" and "helper.jsp." Howver, Nextron Research says they are also using random names, making it more difficult to find vulnerable Netweaver ...
9 months ago Bleepingcomputer.com CVE-2025-31324
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
1 year ago Tenable.com
CVE-2023-54258 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
2 years ago Microsoft.com
CVE-2023-31324 - A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of ...
56 years ago
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
Hackers Exploit Software Flaws within Hours Forcing Urgent Push for Faster Patches - This rapidly shrinking window between vulnerability discovery and active exploitation forces organizations to rethink traditional patching cycles and implement more agile security responses. In April, Microsoft disclosed that a zero-day vulnerability ...
8 months ago Cybersecuritynews.com CVE-2025-29824
Cybersecurity Weekly Digest: Key Attacks and Vulnerabilities From Last Week - A new malware campaign targets WordPress sites using a fake security plugin, “WP-antymalwary-bot.php.” Once installed, it grants attackers admin access, executes remote code, and injects malicious JavaScript for ad fraud. The attack chain ...
9 months ago Cybersecuritynews.com CVE-2025-31650
CVE-2022-31324 - An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request. ...
3 years ago
CVE-2021-31324 - The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. ...
3 years ago
CVE-2024-31324 - In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. This could lead to local escalation of privilege with User execution ...
1 year ago
CVE-2025-31324 - SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect ...
9 months ago CVE-2025-31324 CVE-2025-31191 CVE-2025-29824 CVE-2025-42999 CVE-2025-22224
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild - Discovered in April 2025 by ReliaQuest security researchers during incident response activities, the vulnerability has already been weaponized in attacks against organizations running even fully-patched SAP installations. Organizations using SAP ...
9 months ago Cybersecuritynews.com CVE-2025-31324
Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors - A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. Cyber Security News is a Dedicated News Platform For ...
9 months ago Cybersecuritynews.com CVE-2025-31324
SAP May 2025 Patch Tuesday - Patch for Actively Exploited 0-day & 15 Vulnerabilities - SAP’s May 2025 Security Patch Day includes an urgent update to the previously released emergency patch for a critical zero-day vulnerability (CVE-2025-31324) that continues to see active exploitation across multiple industries globally. With ...
8 months ago Cybersecuritynews.com CVE-2025-31324
Chinese Hackers Exploit SAP NetWeaver 0-Day Vulnerability To Attack Critical Infrastructures - In April 2025, security researchers identified a sophisticated campaign targeting critical infrastructure networks worldwide through a previously unknown vulnerability in SAP NetWeaver Visual Composer. The vulnerability, tracked as CVE-2025-31324, ...
8 months ago Cybersecuritynews.com CVE-2025-31324
Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
2 years ago Cybersecuritynews.com CVE-2023-44286 CVE-2023-44284 CVE-2023-48668 CVE-2023-44277 CVE-2023-48667 CVE-2023-44279 CVE-2023-44278 CVE-2023-44285
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
2 years ago Techtarget.com CVE-2023-0669 CVE-2023-34362 CVE-2023-36884 CVE-2023-4863 CVE-2023-41992 CVE-2023-41991 CVE-2023-41993 CVE-2023-22515

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)